Simon says he has a new identity system
The old names are putting on new uniforms, joining new teams, saying the right things about the new bosses, even when they are the same as the old bosses.
It's the open source version of the off-season. Since it's summer we can't call it the Hot Stove League. Maybe we should call it the Iced Tea League.
Few moves were anticipated as much as that of Simon Phipps (above). You might call him the Joe Johnson of Sun open source. So far he has gone all Matt Asay on us with a blog, and announced he is joining the open source identity company Forgerock.
Forgerock's business is the old OpenSSO identity server from Sun, now dressed up as the I3 platform under the CDDL license previously pioneered by Sun. Forgerock says they rescued the code from oblivion. Oracle apparently still has the copyrights. (Ruh-roh.)
Forgerock is organized for serious authentication, says Phipps, whose initial interviews have me wondering whether he knows what industry he is targeting. So let me help with two words.
The NHIN service, launched last year using open source components like Glassfish, is currently being taken apart and put back together, in Washington, under the rubric of NHIN Direct. The original model was a private network with central control. The new model is a set of protocols running on the Internet.
One of those protocols has to be identity. Essentially the plan is for "Health ISPs" to guarantee the identity of each party to a data transfer. You're Doctor X, you're Doctor Y, we encrypt the package and audit the data transfer.
Health Information Exchanges (HIEs) would still connect major medical systems using heavy-duty protocols and rules, but the Health ISPs would serve doctors and clinics, most of whom are getting broadband anyway so they can create Electronic Health Records (EHRs) under Software as a Service (SaaS).
All this will be paid for with what I like to call sweet, sweet stimulus cash, approved in 2009 as the HITECH Act. Payments to doctors and hospitals will be under meaningful use rules now undergoing a final review, and the first set of standards must be met during fiscal 2011, which starts in October.
Assuring the identity of doctors for transferring records and tests is a market with a crying need, and with a pot of gold awaiting whoever can deliver a solution. So, Simon, leave the blogging to me and start making some phone calls.